<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>

<?php
  function escapeChars($string){
    $notAllowed = array('"');
    $replacements = array('\"');
    return str_replace($notAllowed, $replacements, $string);
  }
    
    //security
  if($_GET['passwd'] != md5('spravceukoluA')){
    echo 'ERROR:Permission denied.';
    exit;
  } 
  
  //if mode is not select, exit
  if(!isset($_GET['mode'])){
    echo 'ERROR:Mode is not select.';
    exit;
  }
  
  $mode = $_GET['mode'];
  
  //tmp file with sql query
  $file = "tmpFile.txt";
  $fh = fopen($file, 'r');
  $sqlQuery = fread($fh, filesize($file));
  fclose($fh);

  //mysqli
  $mysqli = new mysqli('mysql.tym.cz','tym_spravceukolu','spravceukoluA','tym_spravceukolu');                                                                                               
  $mysqli->set_charset("utf8");

  if ($mode=='update'){
    $mysqli->query($sqlQuery);
    echo 'INFO:Update was succesfull.';
    $mysqli->close();
    exit;
  }

  if ($mode=='select'){
   $myArr = array();
    if ($result = $mysqli->query($sqlQuery)) {
      $tmpArr = array();
      while ($row = $result->fetch_object()) {
        $tmpArr = $row;
        foreach ($tmpArr as $key => $val) {
          echo $key.':"'.escapeChars($val).'"';
        }
        echo'<br>';
      }      
    } else{
      echo 'ERROR:'.$mysqli->error;
    }
    $mysqli->close();
    exit;
  }
?>